From 3222f26d7e4e48f6d5ba86c7e47a4235f5a779f2 Mon Sep 17 00:00:00 2001 From: boyce Date: Thu, 11 Apr 2019 10:19:16 +0800 Subject: [PATCH] =?UTF-8?q?=E5=AF=B9https=E4=B8=8Ewebsocket=E6=94=AF?= =?UTF-8?q?=E6=8C=81=E5=A4=9A=E8=AF=81=E4=B9=A6?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- cluster/cluster.go | 2 -- network/httpserver.go | 35 ++++++++++++++++++++++++++++++----- network/websocketserver.go | 37 ++++++++++++++++++++++++++++++------- 3 files changed, 60 insertions(+), 14 deletions(-) diff --git a/cluster/cluster.go b/cluster/cluster.go index b4f1e9d..4de94d2 100644 --- a/cluster/cluster.go +++ b/cluster/cluster.go @@ -323,7 +323,6 @@ func (slf *CCluster) Go(bCast bool, NodeServiceMethod string, args interface{}, if replyCall.Error != nil { service.GetLogger().Printf(sysmodule.LEVER_ERROR, "CCluster.Go(%s) fail:%v.", NodeServiceMethod, replyCall.Error) } - return replyCall.Error } else { pclient := slf.GetClusterClient(nodeid) if pclient == nil { @@ -334,7 +333,6 @@ func (slf *CCluster) Go(bCast bool, NodeServiceMethod string, args interface{}, if replyCall.Error != nil { service.GetLogger().Printf(sysmodule.LEVER_ERROR, "CCluster.Go(%s) fail:%v.", NodeServiceMethod, replyCall.Error) } - return replyCall.Error } } diff --git a/network/httpserver.go b/network/httpserver.go index 4d2b754..24831ab 100644 --- a/network/httpserver.go +++ b/network/httpserver.go @@ -1,6 +1,7 @@ package network import ( + "crypto/tls" "fmt" "net/http" "os" @@ -10,6 +11,11 @@ import ( "github.com/duanhf2012/origin/sysmodule" ) +type CA struct { + certfile string + keyfile string +} + type HttpServer struct { port uint16 @@ -18,8 +24,7 @@ type HttpServer struct { writetimeout time.Duration httpserver *http.Server - certfile string - keyfile string + caList []CA ishttps bool } 
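Review bot: The `CA` struct added in network/httpserver.go stores a server certificate file and its private-key file, not a certificate authority, so `CA` and `caList` will be misread next to TLS code, where CA normally means trust roots. A name such as `certKeyPair` (the patch only shows uses inside package network) would state the intent, with a comment like `// certKeyPair names the PEM certificate and private-key files for one TLS identity the server presents.` The type is exported but currently has no doc comment.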
@@ -41,17 +46,35 @@ func (slf *HttpServer) Start() { func (slf *HttpServer) startListen() error { listenPort := fmt.Sprintf(":%d", slf.port) + + var tlscatList []tls.Certificate + var tlsConfig *tls.Config + for _, cadata := range slf.caList { + cer, err := tls.LoadX509KeyPair(cadata.certfile, cadata.keyfile) + if err != nil { + service.GetLogger().Printf(sysmodule.LEVER_FATAL, "load CA [%s]-[%s] file is error :%s", cadata.certfile, cadata.keyfile, err.Error()) + os.Exit(1) + return nil + } + tlscatList = append(tlscatList, cer) + } + + if len(tlscatList) > 0 { + tlsConfig = &tls.Config{Certificates: tlscatList} + } + slf.httpserver = &http.Server{ Addr: listenPort, Handler: slf.handler, ReadTimeout: 10 * time.Second, WriteTimeout: 10 * time.Second, MaxHeaderBytes: 1 << 20, + TLSConfig: tlsConfig, } var err error if slf.ishttps == true { - err = slf.httpserver.ListenAndServeTLS(slf.certfile, slf.keyfile) + err = slf.httpserver.ListenAndServeTLS("", "") } else { err = slf.httpserver.ListenAndServe() } @@ -66,8 +89,10 @@ func (slf *HttpServer) startListen() error { } func (slf *HttpServer) SetHttps(certfile string, keyfile string) bool { - slf.certfile = certfile - slf.keyfile = keyfile + if certfile == "" || keyfile == "" { + return false + } + slf.caList = append(slf.caList, CA{certfile, keyfile}) slf.ishttps = true return true } diff --git a/network/websocketserver.go b/network/websocketserver.go index 7caee9c..8664c87 100644 --- a/network/websocketserver.go +++ b/network/websocketserver.go @@ -1,6 +1,7 @@ package network import ( + "crypto/tls" "errors" "fmt" "net/http" @@ -31,6 +32,7 @@ type IMessageReceiver interface { OnDisconnect(clientid uint64, err error) OnRecvMsg(clientid uint64, msgtype int, data []byte) OnHandleHttp(w http.ResponseWriter, r *http.Request) + IsInit() bool } type Reciver struct { 
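Review bot: In HttpServer.startListen the config is built as `&tls.Config{Certificates: tlscatList}` and nothing else, which leaves two gaps. On Go toolchains older than 1.14 the server selects a certificate by SNI only when `NameToCertificate` is populated (for example via `tlsConfig.BuildNameToCertificate()`); without it every client receives `Certificates[0]`, so the additional certificates would never be served. The Go version is not visible in this patch, so confirm which behaviour applies. `MinVersion` is also unset, which on older Go releases lets the server negotiate TLS 1.0; `tlsConfig = &tls.Config{Certificates: tlscatList, MinVersion: tls.VersionTLS12}` pins the floor. The same construction appears in WebsocketServer.startListen in network/websocketserver.go.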
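Review bot: SetHttps now appends to `caList` on every call instead of overwriting, and it returns true for any non-empty strings without reading the files, but neither fact is documented. A wrong path or mismatched key is only detected in startListen, where it ends the process with `os.Exit(1)` (the `return nil` after it is unreachable). I would add `// SetHttps registers one certificate/key file pair and enables TLS; call it once per certificate. The files are not read until the server starts listening.` and give SetWSS in network/websocketserver.go the matching comment.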
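Review bot: Adding `IsInit() bool` to the exported `IMessageReceiver` interface breaks every existing implementation not updated in this patch, and the interface gives no hint what the method must report. A comment on the method would document the contract, e.g. `// IsInit reports whether the receiver is ready; receivers returning false are not given a route by initRouterHandler.` The interface body starts above this hunk.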
@@ -65,9 +67,9 @@ type WebsocketServer struct { httpserver *http.Server reciver map[string]Reciver - certfile string - keyfile string - iswss bool + caList []CA + + iswss bool } const ( @@ -114,17 +116,34 @@ func (slf *WebsocketServer) SetupReciver(pattern string, messageReciver IMessage func (slf *WebsocketServer) startListen() { listenPort := fmt.Sprintf(":%d", slf.port) + var tlscatList []tls.Certificate + var tlsConfig *tls.Config + for _, cadata := range slf.caList { + cer, err := tls.LoadX509KeyPair(cadata.certfile, cadata.keyfile) + if err != nil { + service.GetLogger().Printf(sysmodule.LEVER_FATAL, "load CA %s-%s file is error :%s", cadata.certfile, cadata.keyfile, err.Error()) + os.Exit(1) + return + } + tlscatList = append(tlscatList, cer) + } + + if len(tlscatList) > 0 { + tlsConfig = &tls.Config{Certificates: tlscatList} + } + slf.httpserver = &http.Server{ Addr: listenPort, Handler: slf.initRouterHandler(), ReadTimeout: 10 * time.Second, WriteTimeout: 10 * time.Second, MaxHeaderBytes: 1 << 20, + TLSConfig: tlsConfig, } var err error if slf.iswss == true { - err = slf.httpserver.ListenAndServeTLS(slf.certfile, slf.keyfile) + err = slf.httpserver.ListenAndServeTLS("", "") } else { err = slf.httpserver.ListenAndServe() } @@ -244,7 +263,9 @@ func (slf *WebsocketServer) initRouterHandler() http.Handler { r := mux.NewRouter() for pattern, reciver := range slf.reciver { - r.HandleFunc(pattern, reciver.messageReciver.OnHandleHttp) + if reciver.messageReciver.IsInit() == true { + r.HandleFunc(pattern, reciver.messageReciver.OnHandleHttp) + } } cors := cors.AllowAll() @@ -252,8 +273,10 @@ func (slf *WebsocketServer) initRouterHandler() http.Handler { } func (slf *WebsocketServer) SetWSS(certfile string, keyfile string) bool { - slf.certfile = certfile - slf.keyfile = keyfile + if certfile == "" || keyfile == "" { + return false + } + slf.caList = append(slf.caList, CA{certfile, keyfile}) slf.iswss = true return true }
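Review bot: In initRouterHandler a receiver whose `IsInit()` is false is skipped silently, and since startListen builds the handler once when it constructs `http.Server`, nothing visible here registers that pattern later. Requests to it will get whatever the router returns for an unmatched path, with nothing in the logs to explain why. Consider an else branch with `service.GetLogger().Printf(sysmodule.LEVER_ERROR, "websocket receiver %s is not initialized, route not registered", pattern)`, and drop the redundant `== true`. The function starts and ends outside the hunk.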